dcsimg
 
 

The Next Huge Security Threat: Web Applications

By Elizabeth Millard  |  Posted 2008-10-29 Email Print this article Print
 
 
 
 
 
 

Software as a service may be on the rise, but so are security threats targeted at loopholes in application code. Here are some application security strategies from industry experts, with a closer look at one area not generally associated with security and information technology management--insurance.

As companies flock to software-as-a-service (SaaS) and design their own Web-based applications to take advantage of an always-on and always-accessible enterprise, they're also opening themselves to a formidable security threat, many experts believe.

Web app security is already a major concern, notes Ivan Arce, CTO of Core Security Technologies. Most enterprises have already adopted the Web paradigm for many of their internal applications as well as almost all of their external Internet presence, he states, creating an environment where Web applications are a major technological component in enterprise business processes.

"Unfortunately, most of the Web applications already in deployment were developed with no consideration or adherence to security software development practices," he says. "The result is that for many years, Web applications have been plagued by design and implementation bugs and became the low-hanging fruit for attackers."

Adding to the problem is the large amount of unpatched browsers, which create an additional layer of insecurity that can be exploited.



123>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.

By submitting your information, you agree that baselinemag.com may send you Baselinemag offers via email, phone and text message, as well as email offers about other products and services that Baselinemag believes may be of interest to you. Baselinemag will process your information in accordance with the Quinstreet Privacy Policy.

Click for a full list of Newsletterssubmit